Job Description:

About Emovis At Emovis we offer state-of-the-art toll-based mobility solutions and associated services for urban and interurban environments.As the competence center for Abertis, a worldwide leading concessionaire managing 5000 miles of high-capacity high-qualitymotorways, we look to bring the quality and efficiency demanded by Abertis to public sector transportation agencies. With over 40 years' experience and over 600 employees in 10 countries, we are trusted partners to Authorities and Tolling agencies across the world.Our vision at Emovis is to partner with transport leaders across the world to accelerate their business toward seamless, sustainable, and inclusive mobility. We are expanding our footprint in the USA. As a result, we are operating Call Centers', Walk-in, and Welcome Centers' throughout the United States. Job PurposeThe IT Security Manager reports to the Global Security Manager. Implements, maintains, and continually enhances a robust cyber security maturity program to meet the organization's strategic direction, legal, regulatory and compliance objectives. Conducts regular evaluations of security controls to ensure they are operating efficiently and effectively, as required. Implements remediation plans as necessary. Liaise and support key business and technical stakeholders with BAU and project related security activities. Provide support with group initiatives, as needed. ResponsibilitiesImplements and maintains the application of physical and logical security controls and governance practices aligned to corporate strategy and business objectives.Manage and maintain compliance activities and maintain accreditations where required: PCI DSS annual audits SOC2 annual audits ISO27001Conduct regular internal audits and control reviews of compliance activities.Manage and support Business Resilience and Continuity, overseeing annual evaluations of continuity plans.Develop and maintain a security dashboard for management reporting.Oversee monthly vulnerability scans and scheduled penetration testing activities along with subsequent remediation as appropriate.Respond and assist managing and resolving information security incidents, completing post incident root cause analysis and remediation activities.Partners with operational and functional leads to promote consistency and continuity of security practices.Works closely, cooperates and aligns with the IT Department; escalates risks to IT Leadership immediately.Participate in future bids and tender submissions to address information security components in collaboration with the bid team.Engage all areas of the business to promote and enhance security awareness and required behaviours to reduce risks and exposures.Performs other duties as assigned.Requirements:Education:Degree or higher in Computer Science or related fielddegrees - preferredTechnical Skill requirements:Knowledge of SOC2 auditsISO27001- Lead Auditor or Implementor preferred.ITIL - strongly preferred.CISSP or CISA, or CISM (or equivalent) - strongly preferred.ISO27001 Lead Auditor andor Implementor - strongly preferred.ISO22301 Lead Auditor Business Continuity - strongly formation security risk frameworks to influence security controls.Firewalls - ability to conduct firewall ruleset reviews.Basic networking concepts - WAN LAN VLANs,Familiarity of role-based access controls and access rights review processFamiliarity with vulnerability monitoring toolsExperience of Security Incident and Event Management (SIEM) toolsExperience of PCI DSS compliance and reportingKnowledge of cloud infrastructures and servicesKnowledge of cybersecurity regulations in the USACIS Controls and frameworkUnderstanding of Data Protection Legislation and data privacy conceptsFamiliarity with business continuity concepts (resilience, redundancy, backup & restore)Business process development and mappingTechnical testing methodologies and techniques (Penetration & Vulnerability testing)LocationTravelHours:Travel is required 40% of the time.Travel within US and Puerto ternational travel: OccasionallyMust have flexibility to work outside normal business hours.Experience:(3) years Security Management experienceAble to read, write and to proficiently speak in English.